On 9/26/12 7:21 PM, "Bert" <[email protected]> wrote: >Don't know what top posting is if I doing it sorry.
Then I suggest that you try a Google Search for 'top-posting'. >Original message I mentioned masq cache when I should of said NAT. There is no such thing as 'masq cache'. Netfilter maintains a 'conntrack table' which tracks all active connections, and which is not touched by 'shorewall restart'. It is purged by 'shorewall restart -p' which I assume that you are not doing? > To answer your question I do use proxy arp but my issue is basic >workstations are getting there connection clipped when I restart >firewall. We use remote desktop protocol heavily and whenever I restart >shorewall on the client side I assume that is the 'LAN side'? >everyone gets bumped off but out at our colo I can restart shorewall and >there is no effect on connections. Without the details of your configuration (Hint: Output of 'shorewall dump' as an attachment), I can't offer any guess. -Tom You do not need a parachute to skydive. You only need a parachute to skydive twice. ------------------------------------------------------------------------------ Everyone hates slow websites. So do we. Make your web apps faster with AppDynamics Download AppDynamics Lite for free today: http://ad.doubleclick.net/clk;258768047;13503038;j? http://info.appdynamics.com/FreeJavaPerformanceDownload.html _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
